Author Archives: BrianKrebs

Microsoft: No More Pick-and-Choose Patching

October 11, 2016
104 Comments

Adobe and Microsoft today each issued updates to fix critical security flaws in their products. Adobe’s got fixes for Acrobat and Flash Player ready. Microsoft’s patch bundle for October includes fixes for at least five separate “zero-day” vulnerabilities — dangerous flaws that attackers were already exploiting prior to today’s patch release. Also notable this month is that Microsoft is changing how it deploys security updates, removing the ability for Windows users to pick and choose which individual patches to install.

Europe to Push New Security Rules Amid IoT Mess

October 8, 2016
117 Comments

The European Commission is drafting new cybersecurity requirements to beef up security around so-called Internet of Things (IoT) devices such as Web-connected security cameras, routers and digital video recorders (DVRs). News of the expected proposal comes as security firms are warning that a great many IoT devices are equipped with little or no security protections.

Feds Charge Two In Lizard Squad Investigation

October 6, 2016
49 Comments

The U.S. Justice Department has charged two 19-year-old men alleged to be core members of the hacking groups Lizard Squad and PoodleCorp. The pair are charged with credit card theft and operating so-called “booter”or “stresser” services that allowed paying customers to launch powerful attacks designed to knock Web sites offline.

Who Makes the IoT Things Under Attack?

October 3, 2016
150 Comments

As KrebsOnSecurity observed over the weekend, the source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released. Here’s a look at which devices are being targeted by this malware.

Source Code for IoT Botnet ‘Mirai’ Released

October 1, 2016
108 Comments

The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, DVRs and other easily hackable IoT devices.

‘Money Mule’ Gangs Turn to Bitcoin ATMs

September 29, 2016
31 Comments

Fraudsters who hack corporate bank accounts typically launder stolen funds by making deposits from the hacked company into accounts owned by “money mules,” willing or unwitting dupes recruited through work-at-home job scams. The mules usually are then asked to withdraw the funds in cash and wire the money to the scammers. Increasingly, however, the mules are being instructed to remit the stolen money via Bitcoin ATMs.

Inside Arizona’s Pump Skimmer Scourge

September 27, 2016
61 Comments

Crooks who deploy skimming devices made to steal payment card details from fuel station pumps don’t just target filling stations at random: They tend to focus on those that neglect to deploy various tools designed to minimize such scams, including security cameras, non-standard pump locks and tamper-proof security tape. But don’t take my word for it: Here’s a look at fuel station compromises in 2016 as documented by the state of Arizona, which has seen a dramatic spike in fuel skimming attacks over the past year.

The Democratization of Censorship

September 25, 2016
196 Comments

John Gilmore, an American entrepreneur and civil libertarian, once famously quipped that “the Internet interprets censorship as damage and routes around it”. This notion undoubtedly rings true for those who see national governments as the principal threats to free speech.

However, events of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely powerful cyber weapons with transnational reach.

KrebsOnSecurity Hit With Record DDoS

September 21, 2016
122 Comments

On Tuesday evening, KrebsOnSecurity.com was the target of an extremely large and unusual distributed denial-of-service (DDoS) attack designed to knock the site offline. The attack did not succeed thanks to the hard work of the engineers at Akamai, the company that protects my site from such digital sieges. But according to Akamai, it was nearly double the size of the largest attack they’ve seen previously, and was among the biggest assaults the Internet has ever witnessed.

DDoS Mitigation Firm Has History of Hijacks

September 20, 2016
34 Comments

Last week, KrebsOnSecurity detailed how BackConnect Inc. — a company that defends victims against large-scale distributed denial-of-service (DDoS) attacks — admitted to hijacking hundreds of Internet addresses from a European Internet service provider in order to glean information about attackers who were targeting BackConnect. According to an exhaustive analysis of historic Internet records, the BackConnect appears to have a history of such “hacking back” activity.